Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 646784 (CVE-2018-5759, CVE-2018-6191) - <dev-lang/mujs-1.0.4: Multiple vulnerabilities
Summary: <dev-lang/mujs-1.0.4: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2018-5759, CVE-2018-6191
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks: 650646
  Show dependency tree
 
Reported: 2018-02-06 17:09 UTC by GLSAMaker/CVETool Bot
Modified: 2018-11-24 22:50 UTC (History)
2 users (show)

See Also:
Package list:
dev-lang/mujs-1.0.4
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-02-06 17:09:35 UTC 
CVE-2018-6191 (https://nvd.nist.gov/vuln/detail/CVE-2018-6191):
  The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an
  integer overflow because of incorrect exponent validation.

CVE-2018-5759 (https://nvd.nist.gov/vuln/detail/CVE-2018-5759):
  jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST
  depth for binary expressions, which allows remote attackers to cause a
  denial of service (excessive recursion) via a crafted file.
Comment 1 Larry the Git Cow gentoo-dev 2018-10-07 02:15:25 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=63926daea9a8a9b4e5e6f49b5159b5cdd6dd39b7

commit 63926daea9a8a9b4e5e6f49b5159b5cdd6dd39b7
Author:     Virgil Dupras <vdupras@gentoo.org>
AuthorDate: 2018-10-07 02:13:03 +0000
Commit:     Virgil Dupras <vdupras@gentoo.org>
CommitDate: 2018-10-07 02:13:03 +0000

    dev-lang/mujs: bump to 1.0.4
    
    Bug: https://bugs.gentoo.org/605554
    Bug: https://bugs.gentoo.org/646784
    Signed-off-by: Virgil Dupras <vdupras@gentoo.org>
    Package-Manager: Portage-2.3.50, Repoman-2.3.11

 dev-lang/mujs/Manifest                      |  1 +
 dev-lang/mujs/files/mujs-1.0.4-gentoo.patch | 23 ++++++++++++++++
 dev-lang/mujs/mujs-1.0.4.ebuild             | 42 +++++++++++++++++++++++++++++
 3 files changed, 66 insertions(+)
Comment 2 Virgil Dupras (RETIRED) gentoo-dev 2018-10-07 02:19:33 UTC 
New ebuild pushed. Tested on a bump of mupdf I'm working on, seems to be working.

Arches, please stabilize dev-lang/mujs-1.0.4. Thanks!
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-10-09 21:25:30 UTC 
x86 stable
Comment 4 Agostino Sarubbo gentoo-dev 2018-10-11 19:51:53 UTC 
amd64 stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2018-10-12 19:19:22 UTC 
ia64 stable
Comment 6 Tobias Klausmann (RETIRED) gentoo-dev 2018-10-13 06:58:32 UTC 
Stable on alpha.
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2018-10-13 16:22:34 UTC 
hppa stable
Comment 8 Sergei Trofimovich (RETIRED) gentoo-dev 2018-10-14 09:44:17 UTC 
ppc stable
Comment 9 Sergei Trofimovich (RETIRED) gentoo-dev 2018-10-14 10:02:09 UTC 
ppc64 stable
Comment 10 Rolf Eike Beer archtester 2018-10-28 21:16:54 UTC 
sparc stable
Comment 11 Virgil Dupras (RETIRED) gentoo-dev 2018-10-30 00:15:18 UTC 
arm: due to stabilization delays, I'll soon have to drop the stable keyword on this package and cleanup old and vulnerable versions.
Comment 12 Larry the Git Cow gentoo-dev 2018-10-30 00:50:55 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e9aabe50eeb1ae673c9ad99ad03b83284350cdfb

commit e9aabe50eeb1ae673c9ad99ad03b83284350cdfb
Author:     Virgil Dupras <vdupras@gentoo.org>
AuthorDate: 2018-10-30 00:49:00 +0000
Commit:     Virgil Dupras <vdupras@gentoo.org>
CommitDate: 2018-10-30 00:50:23 +0000

    dev-lang/mujs: remove old and vulnerable
    
    Bug: https://bugs.gentoo.org/646784
    Signed-off-by: Virgil Dupras <vdupras@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11

 dev-lang/mujs/Manifest                      |  1 -
 dev-lang/mujs/files/mujs-1.0.1-gentoo.patch | 37 -------------------------
 dev-lang/mujs/mujs-0_p20161202.ebuild       |  4 +--
 dev-lang/mujs/mujs-1.0.1-r1.ebuild          | 42 -----------------------------
 4 files changed, 2 insertions(+), 82 deletions(-)
Comment 13 Virgil Dupras (RETIRED) gentoo-dev 2018-10-30 00:53:37 UTC 
Today I learned about unsupported architecture. This bug's workflow wasn't blocked by arm's stabilization. Cleanup done.
Comment 14 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2018-11-17 15:08:01 UTC 
arm stable
Comment 15 Larry the Git Cow gentoo-dev 2018-11-17 20:12:40 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d64139fbc5e17baed1d1f36a221286e1b0aa3096

commit d64139fbc5e17baed1d1f36a221286e1b0aa3096
Author:     Virgil Dupras <vdupras@gentoo.org>
AuthorDate: 2018-11-17 20:11:39 +0000
Commit:     Virgil Dupras <vdupras@gentoo.org>
CommitDate: 2018-11-17 20:12:28 +0000

    dev-lang/mujs: remove old and vulnerable
    
    Bug: https://bugs.gentoo.org/646784
    Signed-off-by: Virgil Dupras <vdupras@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11

 dev-lang/mujs/Manifest                             |  1 -
 .../mujs/files/mujs-0_p20150202-Makefile.patch     | 28 ------------------
 dev-lang/mujs/mujs-0_p20161202.ebuild              | 34 ----------------------
 3 files changed, 63 deletions(-)
Comment 16 Aaron Bauman (RETIRED) gentoo-dev 2018-11-24 22:50:52 UTC 
tree is clean